Compare commits
1 Commits
695bcd65c9
...
3ae047f2f4
Author | SHA1 | Date |
---|---|---|
Adrian Gunnar Lauterer | 3ae047f2f4 |
|
@ -16,7 +16,7 @@
|
||||||
./zfs.nix
|
./zfs.nix
|
||||||
./backup.nix
|
./backup.nix
|
||||||
../../services/smb.nix
|
../../services/smb.nix
|
||||||
../../services/qbittorrent.nix
|
../../services/torrent.nix
|
||||||
#../../services/stableDiffusion.nix
|
#../../services/stableDiffusion.nix
|
||||||
#../../services/freshrrs.nix
|
#../../services/freshrrs.nix
|
||||||
#../../services/torrent.nix
|
#../../services/torrent.nix
|
||||||
|
|
|
@ -456,7 +456,7 @@ in
|
||||||
users.users = lib.mkIf (cfg.user == "qbittorrent") {
|
users.users = lib.mkIf (cfg.user == "qbittorrent") {
|
||||||
qbittorrent = {
|
qbittorrent = {
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
home = "/var/lib/qbittorrent";
|
home = path;
|
||||||
group = cfg.group;
|
group = cfg.group;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -464,9 +464,9 @@ in
|
||||||
qbittorrent = {};
|
qbittorrent = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services."qbittorrent-nox@" ={
|
systemd.services."qbittorrent-nox" ={
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = "qbittorrent-nox -d --configuration=${cfg.configFile}";
|
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${cfg.configFile}";
|
||||||
User = cfg.user;
|
User = cfg.user;
|
||||||
Group = cfg.group;
|
Group = cfg.group;
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
{ config, lib, pkgs, options, ... }:
|
||||||
|
let
|
||||||
|
port = 8090;
|
||||||
|
torrentPort = 44183;
|
||||||
|
savePath = "/Main/Data/media/Downloads/";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
networking.firewall.allowedTCPPorts = [ port torrentPort];
|
||||||
|
networking.firewall.allowedUDPPorts = [ port torrentPort];
|
||||||
|
|
||||||
|
users.users.qbittorrent = {
|
||||||
|
isSystemUser = true;
|
||||||
|
home = "/var/lib/qbittorrent";
|
||||||
|
group = "qbittorrent";
|
||||||
|
};
|
||||||
|
users.groups.qbittorrent = {};
|
||||||
|
|
||||||
|
systemd.services."qbittorrent-nox" ={
|
||||||
|
after = [ "network.target" ];
|
||||||
|
environment.HOME = "/var/lib/qbittorrent";
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --webui-port=${toString port} --torrenting-port=${toString torrentPort} --save-path=${savePath}";
|
||||||
|
User = "qbittorrent";
|
||||||
|
Group = "qbittorrent";
|
||||||
|
Restart = "on-failure";
|
||||||
|
|
||||||
|
DynamicUser = true;
|
||||||
|
RuntimeDirectory = "qbittorrent";
|
||||||
|
WorkingDirectory = "/var/lib/qbittorrent";
|
||||||
|
InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ];
|
||||||
|
|
||||||
|
# Security options
|
||||||
|
#PrivateTmp = true;
|
||||||
|
#ProtectSystem = "full";
|
||||||
|
#ProtectKernelTunables = true;
|
||||||
|
#ProtectKernelModules = true;
|
||||||
|
#ProtectControlGroups = true;
|
||||||
|
#NoNewPrivileges = true;
|
||||||
|
#ProtectHome = true;
|
||||||
|
#PrivateDevices = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue